KR20230076430A - Tag generation and authenticator for data integrity verification in network-on-chip - Google Patents

Abstract

A tag generation and authenticator for verifying data integrity in a Network-on-Chip according to the present invention includes a local key table storing 32-bit local key values owned by each router, and Network-on-Chip. (NoC) A route assignment unit that generates a number of 32-bit counter values corresponding to the information of the departure and destination nodes from the routing computation function existing in the router, and a number of local key values provided from the local key table. and a field multiplication value generator for generating a plurality of Galois Field Multiplication (GFM) values based on the generated plurality of 32-bit counter values, respectively, and a plurality of generated Galois field multiplication values and 32 It may include a tag generation unit that generates a different tag for each router on a path through an XOR operation with each flit segment divided into bits, and a global tag table that stores the generated tags of each router.

Description

TAG GENERATION AND AUTHENTICATOR FOR DATA INTEGRITY VERIFICATION IN NETWORK-ON-CHIP}

The present invention relates to a tag generation and authenticator for data integrity verification in a Network-on-Chip (NoC), and more particularly, to a Galois-Counter Mode (GCM) algorithm By application, it relates to a tag generation and authenticator for data integrity verification in a network-on-chip, which can realize data integrity verification with high-speed parallel processing.

As semiconductor process technology develops, System-on-Chip (SoC), which integrates multiple IPs on a single chip, has emerged.

Network-on-Chip (NoC) is a method of allocating a router to each IP and connecting adjacent routers to build one large network, thereby securing higher bandwidth and parallelism. In particular, mesh structure NoCs are widely used in high-performance SoCs due to their physical scalability and low cost.

Recently, the number of IPs in SoC has exploded, and the difficulty of designing and verifying them has also increased. Accordingly, utilizing reusable IP provided by third parties is increasingly reducing design costs.

However, the purchased IP may be hiding the HT function due to the malicious intent of the third party company.

The presence of HT in NoC further maximizes the impact on security. A router infected with HT can steal or tamper with data exchanged between the two routers without interference from the upper system.

However, there are cases where the HT operates normally before a specific activation condition, and since its physical size is variable, it may simply consist of several transistors.

It is quite difficult to detect the existence of such HT in the current SoC design with billions of transistors, and it may require much more time and money than the SoC design work itself for integrity verification, so HT operates in the SoC itself At the same time, there is a need for the ability to detect it.

In addition, since the conventional packet authenticator for detecting data alteration uses Cipher Block Chaining (CBC) technology, parallel processing is not possible, and thus a large amount of memory must be allocated to the global tag table.

Korean Patent Publication No. 10-2017-0072645 (Publication date: 2017. 06. 27.)

The present invention is a tag generation and authenticator for data integrity verification in a network-on-chip that can realize data integrity verification with high-speed parallel processing by applying the Galois-Counter Mode (GCM) algorithm. want to provide

An object of the present invention is to provide a tag generation and authenticator for data integrity verification in a network-on-chip that can adaptively apply the size of a global tag table according to a NoC structure.

The problems to be solved by the present invention are not limited to those mentioned above, and other problems to be solved that are not mentioned can be clearly understood by those skilled in the art from the description below. will be.

According to one aspect, the present invention starts from a local key table storing 32-bit local key values owned by each router and a routing computation function present in a network-on-chip (NoC) router. and a path allocator generating a plurality of 32-bit counter values corresponding to the information of the destination node, based on the plurality of local key values provided from the local key table and the generated plurality of 32-bit counter values. Through an XOR operation with a field multiplication value generation unit for generating a plurality of Galois Field Multiplication (GFM) values, respectively, and each flit segment divided into 32 bits with the generated plurality of Galois field multiplication values Provides a tag generator and authenticator for verifying data integrity in Network-on-Chip, including a tag generator that generates different tags for each router on a path, and a global tag table that stores the generated tags of each router can do.

The path assigning unit of the present invention may generate the counter values using a Pseudo Random Number Generator (PRNG) algorithm.

The tag of the present invention may be generated by using the GFM value and the counter mode.

Each of the routers of the present invention collects the local key shared from the starting router, the destination information of the head flit, and flit data to create a tag, and then compares the value stored in the global tag table.

In the authenticator of the present invention, if the tags generated for each router match, it is determined that the operation is normal, and if the tags generated for each router do not match, it is recorded in the item of the corresponding flit of the global tag table, and the next route Routers may be warned of data theft or tampering through the global tag table.

The size of the global tag table of the present invention may be set to (m+n)xN (m: row, n: column, N: maximum number of flits).

According to an embodiment of the present invention, high-speed parallel processing for data integrity verification can be realized by applying a Galois-Counter Mode (GCM) algorithm.

According to an embodiment of the present invention, a modulated packet is detected using a tag in the NoC router, and the location of the HT is tracked using the detected packet, thereby adaptively applying the size of the global tag table according to the NoC structure. , which effectively reduces the size of the global tag table.

1 is a block diagram of a tag generation and authenticator for data integrity verification in Network-on-Chip according to an embodiment of the present invention.
2 is an exemplary diagram of a design of an existing global tag table.
3 is an exemplary diagram of the design of a global tag table according to the present invention.
4 is a table showing the results of experiments conducted by the inventors of the present invention.

First, the advantages and characteristics of the present invention, and methods for achieving them will become clear with reference to the embodiments described later in detail in conjunction with the accompanying drawings. Here, the present invention is not limited to the embodiments disclosed below, but may be implemented in a variety of different forms, only the present embodiments make the disclosure of the present invention complete, and conventional techniques in the technical field to which the present invention pertains. Since it is provided as an example so that those skilled in the art can clearly understand the scope of the invention, the technical scope of the present invention should be defined by the claims.

In addition, in describing the present invention below, if it is determined that a detailed description of a known function or configuration may unnecessarily obscure the subject matter of the present invention, the detailed description will be omitted. In addition, terms to be described later are terms defined in consideration of functions in the present invention, which may vary according to intentions or customs of users, operators, etc., of course. Therefore, the definition should be made based on the technical idea described throughout this specification.

Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the accompanying drawings.

1 is a block diagram of a tag generation and authenticator for data integrity verification in Network-on-Chip according to an embodiment of the present invention.

Referring to FIG. 1, the tag generation and authenticator in this embodiment includes a local key table 102, a path allocation unit 104, a field multiplication value generation unit 106, a tag generation unit 108, and a global tag table 110. ) and the like.

The local key table 102 is a table possessed by each router (node) and can perform functions such as storing 32-bit local key values owned by all routers. Each local key value is defined as a 32-bit number, and the total number of local keys can be the number of routers, that is, m (row) × n (column).

The path assigning unit 104 has functions such as generating a plurality of 32-bit counter values corresponding to the information of the departure and arrival nodes from the routing computation function present in the router of the Network-on-Chip (NoC). For this purpose, a path allocator 1041 and four counters 1042 to 1045 may be included.

These counter values should produce the same result if all nodes get the same input value. It can be applied in various ways, and another local table can be used in a simple way, but in the case of an actual experiment for the verification of the present invention, it was implemented using a Pseudo Random Number Generator (PRNG) algorithm.

The field multiplication value generator 106 generates a plurality of Galois field multiplications (Galois Functions such as generating (calculating) each Field Multiplication (GFM) value can be performed (that is, proceeding in parallel in units of flits).

To this end, the field multiplication value generation unit 106 may include, for example, four Galois field multipliers 1061 to 1064 that each generate Galois field multiplication values in parallel.

That is, each of the Galois field multipliers 1061 to 1064 performs calculations within a Galois field (or finite field), and these calculations are performed using the binary field of GF(2 ³² ) or GF(2 ⁸ ). ), and the experiment for the present invention was conducted with the former.

To briefly explain the multiplication within the Galois field, after calculating the carryless multiplication of two numbers, dividing by the modulo value determined in each field, the remainder is taken and output as the result. This method is a one-way hash function, and may play a role in not being able to infer an input value from a result value.

The tag generation unit 108 divides a plurality of Galois field multiplication values generated through each Galois field multiplier 1061 to 1064 in the multiplication value generation unit 106 into 32 bits and each flit segment (F ₀ , F ₁ , F ₂ , F ₃ ), it is possible to perform a function such as generating different tags (tar0, tag1, tag2, tag3) for each router on the path, respectively. Tags may be stored in the global tag table 110 .

That is, the tag of each router can be created using the GFM value and the counter mode, and each router creates a tag by collecting the local key shared from the starting router, the destination information of the head fleet, and the fleet data, and then creates a global tag. Data integrity verification can be performed by comparing with values stored in the tag table 110 .

For example, the authenticator determines that the operation is normal if the tags generated by each router match, and if the tags generated by each router do not match, the authenticator records it in the item of the corresponding fleet of the global tag table 110, and informs routers on the next route. Data theft or tampering can be warned through the global tag table 110 .

Here, the size of the global tag table may be set to, for example, (m+n) × N (m: row, n: column, N: maximum number of flits).

According to an embodiment of the present invention, since tag generation and tag calculation processes in the authenticator are independent of other tag calculations, parallel execution is possible. For example, the XOR operation between F ₀ and the first GFM block, which is a calculation to create tag ₀ , is not affected by the results of other GFM blocks.

In the case of the previously used crypto block chaining, since each GFM block requires the calculated value of the previous GFM block, the total execution cycle will increase in proportion to the number of blocks. However, according to the present invention, in the case of the Galois/Counter mode used Calculation of all tags in shorter cycles is possible. However, in the case of a counter block, since the value received from the path allocator is incremented, each cycle is consumed, so assuming that n is the number of blocks, it is not exactly shortened by 1/n times.

That is, according to the present invention, instead of creating a tag table item for every node (router) existing in the NoC for each flit, it is possible to pre-calculate the route of the corresponding flit and store tags as many as the number of nodes to be traversed.

2 is an exemplary diagram of a design of an existing global tag table.

Referring to FIG. 2, since the existing design has one column for each node, the tag table of the NoC structure having m rows and n columns has m × n columns for tag storage.

Since each tag value is 32 bits, it can be said that the corresponding tag table has the size of bits. If fleet 0 is transferred from node 0 to node 2, (except because node 0 is the starting point, tag authentication is not required), tags are stored in the spaces of node 1 and node 2, but the rest (m x n - 1) - 2 squares become useless. A value of 0 is stored in the discarded 32-bit cell.

3 is an exemplary diagram of the design of a global tag table according to the present invention.

Referring to FIG. 3, assuming XY deterministic routing in an mxn NoC structure, the maximum number of nodes that one flit can pass through is m + n - 2. Therefore, the total size of the tag table is bits, and assuming that fleet 0 is transferred from node 0 to node 2, tag ₀ and tag ₁ are stored in node 0 and node 1, respectively, and from node 2 to node m A value of 0 is stored until + n - 3.

The benefits of these changes are: In other words, assuming that m, n, and N are natural numbers, (32 ㅧ (m + n -2) + 2) ×x N x < (32 x (m x n) + 2) x N is always true, so management within the NoC This reduces the size of the global tag table that must be used. However, this global tag table requires the assumption that the route must be perfectly known from the starting node through a routing algorithm such as XY confirmed route.

The inventors of the present invention conducted a simulation (experiment) for the present invention.

An authenticator module is added to every router, which serves to verify fleets entering the router and create tags for outgoing fleets. When each packet is transmitted to a router through a network interface (NI) connected to IP, it is divided into flits of a certain size. Here, the size of the flits is defined as, for example, 128 bits.

The authenticator of the router from which the packet originates reads the location of the destination router of the packet, creates a tag through a tag generator, and stores it in the global tag table.

When the divided flit arrives at the next router on the route, the router's authenticator attempts authentication using one tag in the tag table to which the flit is assigned. If the authentication succeeds, the next task of the router is continued, but if it fails, the corresponding flit determines that it has been tampered with and warns routers on the next path through the tag table. It is also possible to verify all tags at every router, but this is likely to introduce large latency each time the fleet moves, so only one tag is authenticated.

When a fleet arrives at its ultimate destination router, that router's authenticator attempts to authenticate against every tag the fleet has in its tag table. This is to exclude the possibility that only a certain part of the flit is modulated during the path.

For the design performance experiment, design verification was conducted using the Garnet 2.0 simulator implemented on gem5, an open source computer structure simulator, and the NoC model adopted XY routing and wormhole switching, which are widely used in 4x4 mesh structures. Each simulation was conducted for 2000 cycles, and a random router was configured as an HT-infected router to act as a data tamper. The experimental results are shown in the table shown in FIG. 4 .

As for the models used in the experiment, a total of three models were compared: one model in which the authenticator proposed in the present invention is not implemented, a 1-tag model in which all tags are not verified in the last router, and a full-tag model in which verification is performed.

Since one more cycle is required for the final verification, the full-tag model increases the fleet delay time by 98% in the router's buffer stage than the 1-tag model. However, rather, it was confirmed that the number of hops during operation time in the entire NoC decreased and the detection success rate of modulated flits was close to 100%.

In order to alleviate the large latency increase, a model that does not perform full tag detection was also included in the experiment, which only increased fleet latency by 66% compared to the existing model, but in the case of modulation generated by a specific router, it could not be detected. It was found that the situation occurred and a decrease in the detection success rate of about 3% occurred.

The above description is merely illustrative of the technical idea of the present invention, and those skilled in the art can make various substitutions, modifications, and changes within the scope not departing from the essential characteristics of the present invention. You will easily see that this is possible. That is, the embodiments disclosed in the present invention are not intended to limit the technical idea of the present invention but to explain, and the scope of the technical idea of the present invention is not limited by these embodiments.

Therefore, the protection scope of the present invention should be construed according to the following claims, and all technical ideas within the scope equivalent thereto should be construed as being included in the scope of the present invention.

102: local key table
104: path allocation unit
106: field multiplication value generation unit
108: tag generation unit
110: global tag table

Claims (6)

A local key table that stores 32-bit local key values owned by each router;
a path allocator that generates a plurality of 32-bit counter values corresponding to the information of the departure and arrival nodes from a routing computation function existing in a network-on-chip (NoC) router;
A field multiplication value generator for generating a plurality of Galois Field Multiplication (GFM) values, respectively, based on the plurality of local key values provided from the local key table and the generated plurality of 32-bit counter values;
A tag generation unit that generates different tags for each router on a path through an XOR operation between the generated Galois field multiplication values and each flit segment divided into 32 bits;
Includes a global tag table for storing the generated tags of each router
Tag generation and authenticator for data integrity verification on Network-on-Chip. According to claim 1,
The path assignment unit,
Generating the counter values using a Pseudo Random Number Generator (PRNG) algorithm
Tag generation and authenticator for data integrity verification on Network-on-Chip. According to claim 1,
The tag is
Generated by the method using the GFM value and the counter mode
Tag generation and authenticator for data integrity verification on Network-on-Chip. According to claim 1,
Each router,
After collecting the local key shared from the departure router, destination information of the head fleet, and fleet data to create a tag, compare it with the value stored in the global tag table.
Tag generation and authenticator for data integrity verification on Network-on-Chip. According to claim 1,
The authenticator,
If the tags created for each router match, it is determined to be a normal operation. If the tags created for each router do not match, it is recorded in the item of the corresponding flit in the global tag table, and the global tag table is sent to routers on the next route. to warn of theft or falsification of data through
Tag generation and authenticator for data integrity verification on Network-on-Chip. According to claim 1,
The size of the global tag table is
set to (m+n)xN (m:rows, n:columns, N:max number of fleets)
Tag generation and authenticator for data integrity verification on Network-on-Chip.

Images